If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

However I would expect that in all cases nomater what country you live in that it would be legal to port scan your own computers. So a company for example might be analizeing a server in their network and may use a port scanner to look for open ports used by trojans.

Sites such as www.pcflank.com will port scan your computer looking for open ports and give you a report on what it finds. They warn you to verify that indeed the IP address they are useing is corect and that you have verified with your ISP that you may scan your computer. As some ISPs may panic.

So in those cases it should be legal since you own the target computer. But in cases where your port scanning yahoo for example, I would expect you would soon be confonted by yahoo asking for the reason behind port scanning their computer.

Or as another example, if I was to do a zone transfer without first geting permision from the owner of that IP block, It is considered very rude, and it also puts a load on their routers to reply to a zone transfer.

I think it just depends however I would not recomend randomly port scanning computers without first knowing who you are dealing with.

I don't think it is acually illegal, but..... IF you do NOT have permission, and you are detected, it can be considered a hacking attempt, and I have seen ISP's remove peoples accounts for something as simple as a port scan.

Yeah, I am pretty sure it's legal in most countries, but some ISP's do frown on it, especially if it's reported to their abuse departments. Still there are others - more than not so I've found - that will not do anything if this type of probing activity is reported, no matter how many times you are scanned. I guess they have better things to investigate - either that, or they are so used to sitting with their thumbs up their a55e5 that they don't really know what it is to investigate suspicous activity. You could probably scan until your heart's content, but I wouldn't recommend doing that for obvious reasons. You could get yourself kicked off, or worse yet, piss someone off that is a hacker themselves and get yourself hacked. All in all, it's definitely best to just stick to scanning your own systems.

My opinion of scanning (and related activities) is this....if you don't own it or have some kind of legal agreement allowing you to test it...leave it alone.

"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chshBlog of X

Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

Originally posted here by blakdeth77 Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

When you say to close the shade(port), what if you are running ftp services, or are a company that needs the SSH port open? Then what do you do, stop your services? I would have to go with Juridian's idea on portscanning. Again, I doubt a company will stop their services and that most System Admin's/Operators would report a portscan.

There is a grey area in port scanning, in that, how many ports does it take for it to be considered a port scan? What if someone made a typo in a URL? What if someone was told the wrong IP? Those connections surely aren't scanning and are part of 'normal traffic', so there is a little squiggle room there, but not much. Most places would consider a scan a prelude to an attack and would report you, and your ISP could certainly take actions against you.

As far as the analogy goes :

Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

1st comment: Uh...Don't know about you, but I wouldn't want someone walking around outside my house looking in my windows, and if I did catch someone doing that, they would have some explaining to do at gunpoint (note I said house, not apartment).

2nd comment: I tend to think of port scanning as a little more aggressive than just merely standing off from a distance and looking...more along the lines of going to every window/door on a house and trying to open them, but not going inside, but I also realize that is just my opinion.

So I guess to sum it up, I take it a little more seriously than do most people, and while it may not be 'illegal' to do it (you have to be careful, being sloppy when you scan could cause problems and those problems could get you prosecuted, think syn flooding and other DoS types of things), you are certainly inviting attention upon yourself, and if enough people complain to your ISP, you may be looking for a new one...

/nebulus

There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.